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DETAILED ACTION 



1. 



This action is in response to the application filed on 09/05/2003. 



2. 



Claims 1-33 are under examination. 



Claim Rejections - 35 USC § 101 



35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

3. Claims 18-26 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

Claim 18 recites "A computer-readable medium having stored thereon an object model 
document for persisting an object model therein, the document comprising a compiled 
executable file having: an image source from which the persisted object model is 
instantiated in a memory of a computer; a security source from which a security agent is 
instantiated in the memory of the computer; the security agent for controlling access to 
the object model as instantiated in the memory of the computer; and a loader for being 
instantiated in the memory of the computer upon a command from a commander to 
execute the executable file to instantiate the persisted object model, the loader for 
instantiating the object model in the memory from the image source, instantiating the 
security agent in the memory from the security source, and returning to the commander 
a first reference to the instantiated security agent, whereby the commander in 
employing the first reference accesses the security agent rather than the instantiated 
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object model". The computer-readable medium of claim 18 is comprised communication 

i 

media [specification page 7, paragraph 0023 "communication media typically 
embody computer readable instructions, data structures, program modules, or 
other data in a modulated data signal such as a carrier wave"]. However, the signal 
is not limited to a tangible embodiment. As such, the claim is not limited to statutory 
subject matter and is therefor non-statutory. Therefore, claim 18 recites a non-statutory 
subject matter. 

Claims 19-26 depend on claim 18, therefore they are rejected with the same rationale 
applied against claim 18 above. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

4. Claims 27, 28 and 30 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Golan (US Patent No. 5,974,549). 

As per claim 27 , Golan discloses: 

the security agent (i.e. security monitor) receiving the command from the commander 
[Fig. 4, col. 7 lines 51-55]; the security agent reviewing the command according to pre- 
defined rules therein to determine whether the object model should in fact receive the 
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command; and if so, the security agent forwarding the command to the object model 
and the object model receiving the command and executing same [col. 2 lines 53-57, 
67, col. 3 lines 1-5, col. 5 lines 62-63, Fig. 4, col. 7 lines 55-57] 

As per claim 28 , the rejection of claim 27 is incorporated and Golan discloses: 
if the security agent determines that the object model should not in fact receive the 
command, the security agent does not forward the command to the object model [col. 2 
lines 53-55, 67, col. 3 lines 1-3]. 

As per claim 30 , the rejection of claim 27 is incorporated and Golan discloses: 

the security agent forwarding the command to the object model by way of a second 

reference thereto [Fig. 4, col. 4 lines 3-5, col. 55 lines 55-57]. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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5. Claims 1-4, 9-12, 17-21 and 26 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Grimm et al (US Patent No. 6,317,868) and in view of Golan (US 
Patent No. 5,974,549). 

As per claim 1 , Grimm discloses: 

an image source from which the persisted object model (i.e. software component) is 
instantiated in a memory of a computer; a security source from which a security agent is 
instantiated in the memory of the computer [Fig. 2, step 22 i.e. loads modified software 
component, which includes the original software component and the security operation, 
col. 5 lines 42-51, Fig. 5]; the security agent for controlling access to the object model 
as instantiated in the memory of the computer [col. 5 lines 44-46, col. 6 lines 42-47]; 
and a loader for being instantiated in the memory of the computer upon a command 
from a commander to execute the executable file to instantiate the persisted object 
model [Fig. 2, col. 4 lines 65-67, col. 5 line 1], the loader for instantiating the object 
model in the memory from the image source, instantiating the security agent in the 
memory from the security source [Fig. 2, loads modified software component, Fig. 5]. 
Grimm teaches the enforcement service and security policy service (i.e. security agent) 
for performing the access checks when the modified software component is executed 
[col. 2, 3, col. 6 lines 42-51]. Grimm doesn't expressively mention that returning to the 
commander a first reference to the instantiated security agent. 
Golan discloses: 
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loading the software component (the executable code) into the memory [col. 8, lines 18- 
20], monitoring the execution of the software component associated with the application 
in accordance with a security policy [col. 3 lines 35-37] and intercepting the API call (i.e. 
request or command) by the security monitor (i.e. security agent) [Fig. 2, 4]; returning to 
the commander a first reference to the instantiated security agent, whereby the 
commander in employing the first reference accesses the security agent rather than the 
instantiated object model [Fig. 4, col. 7 lines 44-57]. 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time 
the invention was made to combine Golan with Grimm, since one would have been 
motivated to monitor the execution of the software component (i.e. object model) and 
provide the security [Golan, col. 3 lines 35-37]. 

As per claim 2 , the rejection of claim 1 is incorporated and Golan discloses: 

the executable file is compiled by a compiler from a C-type programming language 

object model document [col. 9 lines 56-67, col. 10 lines 1-18, Fig. 4]. 

As per claim 3 , the rejection of claim 1 is incorporated and Golan discloses: 
the loader upon instantiating the security agent provides same with a second reference 
to the instantiated object model, whereby the commander does not have the second 
reference and therefore cannot directly access the object model or command same to 
act [Fig. 4, col. 7 lines 50-57, Fig. 10]. 
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As per claim 4 , the rejection of claim 1 is incorporated and Golan discloses: 
the instantiated security agent passes on each command (i.e. API call) from the 
commander to the object model unless such security agent deems such command to be 
of a type that should not be so passed on [col. 2 lines 43-47, 67, col. 3 lines 1-3]. 

As per claim 9 , the rejection of claim 1 is incorporated and Grimm discloses: 
the loader instantiates the security agent as part of the object model [Fig. 2, step 22, 
col. 5 lines 47-51 i.e. loads modified software component, which includes the original 
software component and the security operation]. 

As per claim 10 , it encompasses limitations that are similar to limitations of claim 1. 
Thus, it is rejected with the same rationale applied against claim 1 above. 

As per claim 11 , the rejection of claim 10 is incorporated and it encompasses limitations 
that are similar to limitations of claim 3. Thus, it is rejected with the same rationale 
applied against claim 3 above. 

As per claim 12 , the rejection of claim 10 is incorporated and it encompasses limitations 
that are similar to limitations of claim 4. Thus, it is rejected with the same rationale 
applied against claim 4 above. 
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As per claim 17 , the rejection of claim 10 is incorporated and it encompasses limitations 
that are similar to limitations of claim 9. Thus, it is rejected with the same rationale 
applied against claim 9 above. 

As per claim 18 , it encompasses limitations that are similar to limitations of claim 1. 
Thus, it is rejected with the same rationale applied against claim 1 above. 

As per claim 19 , the rejection of claim 18 is incorporated and it encompasses limitations 
that are similar to limitations of claim 2. Thus, it is rejected with the same rationale 
applied against claim 2 above. 

As per claim 20 , the rejection of claim 18 is incorporated and it encompasses limitations 
that are similar to limitations of claim 3. Thus, it is rejected with the same rationale 
applied against claim 3 above. 

As per claim 21 . the rejection of claim 18 is incorporated and it encompasses limitations 
that are similar to limitations of claim 4. Thus, it is rejected with the same rationale 
applied against claim 4 above. 

As per claim 26 , the rejection of claim 18 is incorporated and it encompasses limitations 
that are similar to limitations of claim 9. Thus, it is rejected with the same rationale 
applied against claim 9 above. 
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6. Claims 5, 13 and 22 are rejected under 35 U.S.C. 103(a) as being unpatentable 

> 

over Grimm et al (US Patent No. 6,317,868) in view of Golan (US Patent No. 5,974,549) 
and in view of Seeman (US Pub. No. 2003/0200459). 

As per claim 5 , the rejection of claim 4 is incorporated and Golan discloses blocking the 
API calls (i.e. commands) that are forbidden according to the security policy [col. 2 line 
67, col. 3 lines 1-3]. Golan doesn't expressively mention that a type of command that 
would expose the object model in a non-obfuscated form. 
Seeman teaches: 

the security agent does not pass on to the object model a type of command that would 
expose the object model in a non-obfuscated form (i.e. clear form or decrypted form) 
[paragraph 0022 lines 13-16, paragraph 0165 lines 16-18 determines access/usage 
rights, if determines that the file may not be accessed, process monitor blocks further 
file reading i.e. does not perform the decryption process on the protected file/document]. 
Therefore, it would have been obvious to a person of ordinary skill in the art at the time 
the invention was made to combine Seeman with Grimm and Golan, since one would 
have been motivated to protecting the digital documents/files [Seeman, paragraph 0019 
lines 2-3]. 
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As per claim 13 .- the rejection of claim 12 is incorporated and it encompasses limitations 
that are similar to limitations of claim 5. Thus, it is rejected with the same rationale 
applied against claim 5 above. 

As per claim 22 , the rejection of claim 21 is incorporated and it encompasses limitations 
that are similar to limitations of claim 5. Thus, it is rejected with the same rationale 
applied against claim 5 above. 

7. Claims 6, 7, 14, 15, 23 and 24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Grimm et al (US Patent No. 6,317,868) in view of Golan (US Patent 
No. 5,974,549) and Masaki et al (US Patent No. 6,980,308). 

As per claim 6 , the rejection of claim 4 is incorporated and Golan discloses: 

blocking the API calls (i.e. commands) by the security monitor that are forbidden 

according to the security policy [col. 2 line 67, col. 3 lines 1-3]. 

* 

Masaki teaches: 

if the degree of matching with the specified pattern is large (i.e. expose the object with a 
level of granularity finer than a pre-defined maximum), sends a print inhibition command 
to the printer driver to stop the transmission of the print data (i.e. does not pass a 
command) [col. 4 lines 1-5, col. 3 lines 9-13, Fig. 7]. 



4 



Application/Control Number: 10/656,384 Page 1 1 

Art Unit: 2135 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time 
the invention was made to combine Masaki with Grimm and Golan, since one would 
have been motivated to provide the security [Masaki, col. 1 line 13]. 

As per claim 7 , the rejection of claim 6 is incorporated and Golan discloses: 

allowing the API calls (i.e. commands) by the security monitor that are permitted 

according to the security policy [col. 3 lines 3-5], 

the pattern detector does not detect a specified pattern (i.e. expose the object with a 
level of granularity coarser than the pre-defined maximum), sends a print permission 
command to the printer driver to start the transmission of the print data (i.e. passes a 
command) [col. 3 lines 1-7, Fig. 7]. 

As per claim 14 , the rejection of claim 12 is incorporated and it encompasses limitations 
that are similar to limitations of claim 6. Thus, it is rejected with the same rationale 
applied against claim 6 above. 

As per claim 15 , the rejection of claim 14 is incorporated and it encompasses limitations 
that are similar to limitations of claim 7. Thus, it is rejected with the same rationale 
applied against claim 7 above. 
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As per claim 23 , the rejection of claim 21 is incorporated and it encompasses limitations 
that are similar to limitations of claim 6. Thus, it is rejected with the same rationale 
applied against claim 6 above. 

As per claim 24 , the rejection of claim 23 is incorporated and it encompasses limitations 
that are similar to limitations of claim 7. Thus, it is rejected with the same rationale 
applied against claim 7 above. 

8. Claims 8, 16 and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Grimm et al (US Patent No. 6,317,868) in view of Golan (US Patent No. 5,974,549) 
and in view of Dutta et al (US Pub. No. 2002/0138727). 

As per claim 8 , the rejection of claim 1 is incorporated and Golan discloses the security 
agent (i.e. security monitor) and the object model (i.e. the software 
component/application) [Fig. 1,4]. 
Dutta teaches: 

the loader instantiates the security agent (i.e. class public ServerClassM) separately 
from the object model (i.e. Class public ClientClassA or Class public ClientClassB) [Fig. 
4A, paragraph 0047, 0048, 0050]. 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time 
the invention was made to combine Dutta with Grimm and Golan, since one would have 
been motivated to provide secure access control [Dutta, paragraph 0009 lines 4-5]. 
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As per claim 16 , the rejection of claim 10 is incorporated and it encompasses limitations 
that are similar to limitations of claim 8. Thus, it is rejected with the same rationale 
applied against claim 8 above. 

As per claim 25 , the rejection of claim 18 is incorporated and it encompasses limitations 
that are similar to limitations of claim 8. Thus, it is rejected with the same rationale 
applied against claim 8 above. 

9. Claim 29 is rejected under 35 U.S.C. 103(a) as being unpatentable over Golan 
(US Patent No. 5,974,549). 

As per claim 29 , the rejection of claim 28 is incorporated and Golan discloses the 
security agent determines whether the object model should in fact receive the command 
[col. 5 lines 6-12]. Golan doesn't expressively mention that the security agent responds 
to the commander. However, Golan teaches blocking the intercepted API calls (i.e. 
commands) that are forbidden according to the security policy [col. 2 line 67, col. 3 lines 
1-3] and notifying the user accordingly [col. 6 lines 27-29]. 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time 
the invention was made to modify the notification provided by the security monitor 
disclosed by Golan as responding to the commander with a message, since one would 
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have been motivated to monitor the execution of the software component (i.e. object 

■ 

model) and provide the security [Golan, col. 3 lines 35-37]. 

10. Claim 31 is rejected under 35 U.S.C. 103(a) as being unpatentable over Golan 
(US Patent No. 5,974,549) and in view of Seeman (US Pub. No. 2003/0200459). 

As per claim 31 , the rejection of claim 27 is incorporated and Golan discloses blocking 
the API calls (i.e. commands) that are forbidden according to the security policy [col. 2 
line 67, col. 3 lines 1-3]. Golan doesn't expressively mention that a type of command 
that would expose the object model in a non-obfuscated form. 
Seeman teaches: 

the security agent does not pass on to the object model a type of command that would 
expose the object model in a non-obfuscated form (i.e. clear form or decrypted form) 
[paragraph 0022 lines 13-16, paragraph 0165 lines 16-18 determines access/usage 
rights, if determines that the file may not be accessed, process monitor blocks further 
file reading i.e. does not perform the decryption process on the protected file/document]. 
Therefore, it would have been obvious to a person of ordinary skill in the art at the time 
the invention was made to combine Seeman with Golan, since one would have been 
motivated to protecting the digital documents/files [Seeman, paragraph 0019 lines 2-3]. 



Application/Control Number: 10/656,384 Page 15 

Art Unit: 2135 

11. Claims 32 and 33 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Golan (US Patent No. 5,974,549) and Masaki et al (US Patent No. 6,980,308). 

As per claim 32 , the rejection of claim 27 is incorporated and Golan discloses: 
blocking the API calls (i.e. commands) by the security monitor that are forbidden 
according to the security policy [col. 2 line 67, col. 3 lines 1-3]. 
Masaki teaches: 

if the degree of matching with the specified pattern is large (i.e. expose the object with a 
level of granularity finer than a pre-defined maximum), sends a print inhibition command 
to the printer driver to stop the transmission of the print data (i.e. does not pass a 
command) [col. 4 lines 1-5, col. 3 lines 9-13, Fig. 7]. 

Therefore, it would have been obvious to a person of ordinary skill in the art at the time 
the invention was made to combine Masaki with Golan, since one would have been 
motivated to provide the security [Masaki, col. 1 line 13]. 

As per claim 33 , the rejection of claim 32 is incorporated and Golan discloses: 
allowing the API calls (i.e. commands) by the security monitor that are permitted 
according to the security policy [col. 3 lines 3-5], 

the pattern detector does not detect a specified pattern (i.e. expose the object with a 
level of granularity coarser than the pre-defined maximum), sends a print permission 
command to the printer driver to start the transmission of the print data (i.e. passes a 
command) [col. 3 lines 1-7, Fig. 7]. 
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Conclusion 

12. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Britton et al (US 6405202) — System and method for adding property level security to 
an object oriented database. 

Krishnaswamy et al (US 6622300) — Dynamic optimization of computer programs using 
code-rewritting kernel module. 

Uchida (US 2003/0188187) — Obfuscated source program, source program conversion 
method and apparatus and source conversion program. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Nirav Patel whose telephone number is 571-272-5936. 
The examiner can normally be reached on 8 am - 4:30 pm (M-F). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
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you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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